If you have grown your business to a profitable and viable enterprise, then chances are you need to have a procedure for the organization, retention, (and periodic destruction) of your important documents and other business information. This is often handled through a Record Retention and Destruction Policy.
Policies of this nature can offer many tangible and intangible benefits to your business:
- First and foremost, a policy will assist in the organization and management of your day-to-day business operations, by allowing you to easily locate and access key documents. You will also be able to preserve and enhance your business’ institutional knowledge by archiving key documents and information in a manner so that they can be easily located and accessed.
- In today’s environment, businesses are subject to a number of legal, accounting, contractual, and other ongoing requirements and restrictions concerning record retention and destruction. A Record Retention and Destruction Policy will allow you to keep track of (and remain in compliance with) these various requirements.
- Policies of this nature typically include procedures for the periodic purging and destruction of documents that are no longer required to be retained. Thus you are able to reduce costs and expenses associated with the retention and storage of obsolete and unnecessary records.
- Today’s record retention software will often allow you to control the internal and external dissemination of sensitive or confidential information—allowing you to safeguard and protect your most critical business secrets.
- If your business ever gets involved in litigation, a Record Retention and Destruction Policy will help you manage costs, and well as remain in compliance with the various court rules concerning electronic records and discovery.
- Finally, a policy will allow you to respond in the event of a potential sale or other strategic opportunity, by allowing you to quickly locate and assemble your corporate documents to facilitate due diligence and other deal-related activities.
Although each policy is different, and depends upon the specific nature and requirements of the business, there are a couple of general considerations to keep in mind:
- Assemble your team. Implementing a Document Retention and Destruction Policy is a multi-disciplinary exercise, and will require coordination among various employees and advisors, including legal, financial, accounting, human resources, information technology, and other professionals. Most companies are now able to use computer software to automate and manage a large portion of the process. Accordingly, a key partner in this project will be your software provider and implementation consultant.
- Understand the legal and regulatory requirements. Odds are that there are a number of statutes and administrative regulations that are applicable to your business—including those that require you to retain certain records for some designated period of time. These requirements increase exponentially if your business operates in a regulated industry, has an international component, or is involved in government contracting. You may also have certain contracts or certification requirements in place that include a document retention component.
- Draft a written policy. Your business’ specific document retention and destruction requirements should be memorialized through the preparation of a written Document Retention and Destruction Policy, which will typically designate specific “retention periods” based on document type and content. Your legal and human resources advisors can assist in this process.
- Include procedures for implementing a litigation “hold.” In the event of actual or threatened litigation, you will be required to place a “hold” on the destruction of potentially relevant information—even though it might otherwise be destroyed in the ordinary course under the terms of your policy. Your written Document Retention and Destruction Policy should include procedures for implementation of any litigation hold, including: (a) specifying the facts and circumstances triggering a hold; (b) assigning responsibility for initiating the hold; and (c) setting procedures on how the hold is communicated to employees and implemented
- Account for “off site” information. Managing, storing, and disposing of e-mails and other information stored on employee desktop computers is often a fairly straightforward process. However, it may be more difficult to account for documents or information that is stored “off site”—e.g., on an employee's personal computer, laptop, or PDA. Any policy that you implement should include a mechanism for capturing and managing such information.
- Ensure that your policy is properly implemented and enforced. Once you have developed a policy, the real work often begins in the form of implementation and enforcement (including employee training). In some cases, it may be more harmful to have a policy that is not enforced, than if you simply had no policy at all. You should also conduct periodic audits of your retention and destruction program, in order to see if any updates or changes are necessary.
Compiling, organizing, and managing your company’s records can often be a daunting task. However, it is critical that you stay on top of your business’ records and other key information. In today’s information age, there is almost no other way to do business.